Corporate Boards of Directors (BOD) may soon be required to disclose their level of cybersecurity expertise. The recently-introduced Cybersecurity Disclosure Act (S.2410) would direct the SEC to work out the details of making publicly-traded companies “comply or… Continue reading →

The Challenge: Multifaceted Security Challenges

CISOs and other security leaders and their sponsors face multifaceted security challenges. Business transformation, disruptive IT changes, a worsening threat landscape, and regulatory issues have all put tremendous pressure on IT, IT security, risk,… Continue reading →

Where the CISO should report is probably one of those questions we security professionals will be asking until the end of eternity. We’ll finesse the subject of titles for the security leader, which also vary, and just get started.

Even on technical consulting engagements, Security Architects Partners often finds that a security governance issue is at the root of the problem we were brought in to solve. Therefore, we’ve developed… Continue reading →

At the root of many consulting engagements we find a security governance problem. Last week, in Part 1 of this series, I described the centralized, decentralized and matrixed primitives of security governance. I published the matrixed security governance… Continue reading →

At the root of most consulting engagements we often find a security governance problem. Therefore, we decided to devote some of Security Architects Partners’ next several posts to this Eternal Question: How to govern enterprise security? Should governance be centralized?… Continue reading →

We founded and ran the Burton Group identity management and security consulting practices closely-mapped to Reference Architecture decision support frameworks. After performing hundreds of engagements for Global 1000 companies, universities and government entities we now bring our expertise and industry connections to Security Architects Partners and its clients.

Our mission is to deliver high-quality security consulting and education services to enterprise security clients within commercial organizations, higher-education, government and solution provider environments through a team of expert and trusted security architects.